win
Log in
Docs/Local harness

Run loops locally

The win.sh harness treats business loops as readable files. You can review them, edit them, commit them, and hand each run to Codex or Claude Code.

Quickstart

Install the CLI, approve a scoped token in the browser, install a loop pack, then run a dry pass before allowing the agent to execute. 

npm install -g @win.sh/win
win auth login
win install bug-autofix
win status
win tick
win exec --agent codex --dry-run

win auth login opens https://win.sh/settings/api-tokens/cli, creates a scoped token after browser approval, and stores it in the local harness configuration.

Loop files

A loop pack is intentionally inspectable. It should be possible to understand what a loop may read, when it may act, when it must ask, and how it learns without opening app code.

LOOP.md

Business contract, trigger policy, authority rules, verification window, and adaptive scheduling policy.

SKILL.md

Executor workflow that Codex, Claude Code, or hosted win.sh can follow for one run.

journal.md or journal.jsonl

Append-only run memory: signal, decision, action, result, verification date, and learning.

evals/

Checks that catch unsafe actions, repeated failed actions, missing evidence, and broken loop contracts.

Core commands

win statusShow installed loops, enabled state, next run estimate, and recent journal status.
win loopsList available and installed loop packs.
win enable bug-autofixEnable a loop for adaptive scheduling.
win disable bug-autofixPause a loop without deleting its files or journal.
win tickEvaluate which enabled loops are due and schedule the next useful run.
win journal bug-autofixRead the loop journal and prior decisions.
win exec --agent codexGenerate a run brief and hand it to the selected local agent runtime.

Hosted bridge

Hosted win.sh removes the local setup burden and adds connector access, browser approval, durable traces, team-visible journals, and UI controls for enabling or pausing loops. 

curl https://win.sh/v1/loops/bug-autofix/connector-snapshot \
  -H "Authorization: Bearer win_live_..."

The local harness can fetch this snapshot before a run, then pass the relevant signals to the loop skill. The hosted scheduler and local scheduler share the same principle: each loop chooses the next useful run date, not a fixed cron interval.

Safety model

  • Every loop must be able to decide that no action is warranted.
  • Risky external actions should become approval requests before execution.
  • Each run should write a journal entry even when it waits, refuses, or finds missing access.
  • Verification dates should be explicit so loops can check outcomes later instead of repeating the same action.
  • Connector tokens stay in hosted win.sh; local harness tokens are scoped API tokens for loop data reads.